From header.

Lyle

On 07/10/16 20:49, surgemail-support wrote:
> Do you mean sent with a 'from' header of xyz.com, or by an 
> authenticated user ofHIDDEN@z.com or with a return path of xyz.com, or 
> something else ?
>
>     ChrisP.
>
>
>
> On 11/07/2016 1:13 p.m., surgemailHIDDEN@etwinsite.com wrote:
>> I have a wordpress site that has been hacked.  The hackers apparently 
>> uploaded multiple copies of basically the same script that allows 
>> them to send email from that website.  I think I have found the 
>> infected files and the security issue that they exploited to upload 
>> their scripts, but ...
>>
>> In Surgemail, I want to block any email being sent from domain 
>> xyz.com.  The emails are being sent via smtp auth from the webserver 
>> with <various namesHIDDEN@om.  I want to block emails from xyz.com 
>> from being sent out.  Either drop them or pass them to a special 
>> mailbox folder somewhere.  (the domain is not being actively used for 
>> anything usefull at the moment, so dropping any/all from emails is 
>> acceptable).
>>
>> Thanks,
>> Lyle
>>
>
>